Bug #106578 for AWS-SQS-Simple: Secret Keys with "+" sign fail on signature check on endpoint receive

This probably has something to do with AWS::SQS as well, since code and keys that worked fine for a year stopped working yesterday (8/120/2015). After digging around in the Perl debugger, it looks like the 'params' and the signature calculation is failing when the secretKey has a '+' sign in it, which is probably getting interpreted as space. Fix might be urlencoding this. I generated a new keyId and secretKey that has no plus sign in it, and things work. This is module Base.pm. 236: my $verb = "GET"; 237: $verb = "POST" if $post_request; 238: my $host = lc URI->new($self->{Endpoint})->host; DB<10> l 239: my $path = '/'; 240: if ($self->{Endpoint} =~ m{^https?://[^/]*(/.*)$}) { 241: $path = "$1"; 242: $path .= '/' unless $post_request; # why is this not in the spec? 243 } 244 245: $to_sign = "$verb\n$host\n$path\n$to_sign"; 246: $params->{Signature} = encode_base64(hmac_sha256($to_sign, $self->{SecretKey}),''); 247: return $params; Another bug (minor) shows up here: Amazon::SQS::Simple::Base::_dispatch(/usr/local/share/perl5/Amazon/SQS/Simpl e/Base.pm:132): 132: my $href = XMLin($response->content); DB<17> Amazon::SQS::Simple::Base::_dispatch(/usr/local/share/perl5/Amazon/SQS/Simpl e/Base.pm:133): 133: $msg = $href->{Error}{Message}; DB<17> Amazon::SQS::Simple::Base::_dispatch(/usr/local/share/perl5/Amazon/SQS/Simpl e/Base.pm:136): 136: my $error = "ERROR [try $try]: On calling $params->{Action}: " . $response->status_line; DB<17> n Use of uninitialized value $try in concatenation (.) or string at /usr/local/share/perl5/Amazon/SQS/Simple/Base.pm line 136. at /usr/local/share/perl5/Amazon/SQS/Simple/Base.pm line 136. Amazon::SQS::Simple::Base::_dispatch('Amazon::SQS::Simple::Queue=HASH(0x1ee4 1a8)', 'HASH(0x1374b20)') called at /usr/local/share/perl5/Amazon/SQS/Simple/Queue.pm line 32 Amazon::SQS::Simple::Queue::SendMessage('Amazon::SQS::Simple::Queue=HASH(0x1 ee41a8)', '{\x{a}"MessageType" : "ServiceInstanceMetricsMessage",\x{a}"MessageId...') called at /home/ec2-user/lib/DCS.pm line 275 DCS::sendMetricsMessage('{\x{a}"MessageType" : "ServiceInstanceMetricsMessage",\x{a}"MessageId...', 'AKIAJ6VIK3NMHADGG5EQ', 'vXKMmkZ09OfWCab+Gn8of9NFhtXemzMdfXzQQvh', 'https://sqs.us-east-1.amazonaws.com/024878242910/service-metrics') called at qsr-service-metrics.pl line 71 main::__ANON__[qsr-service-metrics.pl:93]('ALRM') called at qsr-service-metrics.pl line 98 eval {...} called at qsr-service-metrics.pl line 98 Amazon::SQS::Simple::Base::_dispatch(/usr/local/share/perl5/Amazon/SQS/Simpl e/Base.pm:137): 137: $error .= " ($msg)" if $msg; The SQS Response on signature fail: DB<15> n Amazon::SQS::Simple::Base::_dispatch(/usr/local/share/perl5/Amazon/SQS/Simpl e/Base.pm:116): 116: if ($response->is_success) { DB<15> x $response 0 HTTP::Response=HASH(0x24ba0b8) '_content' => '<?xml version="1.0"?><ErrorResponse xmlns="http://queue.amazonaws.com/doc/2012-11-05/"><Error><Type>Sender</Type Show quoted text
calculated does not match the signature you provided. Check your AWS Secret Access Key and signing method. Consult the service documentation for details.</Message><Detail/></Error><RequestId>1ba42a34-1e5e-558f-9d04-646506 4da4b4</RequestId></ErrorResponse>'